Harindha Fernando:
Hi, is it possible to read what are the list of default seccomp syscalls blocked for docker?
How do you find whats in docker-default apparmor policy?
unnivkn:
Please try to search in Docker inspect command
Harindha Fernando:
thanks, it shows in docker inspect only if we use a custom seccomp profile. I used the profile in this link “https://github.com/moby/moby/blob/master/profiles/seccomp/default.json” and remove few syscalls to make a custom profile. once we apply the new profile that comes under securityOpt.seccomp… but with docker-default profile its not showing any seccomp in docker inspect.
Harindha Fernando:
